Securing a shared adsl connection - Routers

This is a discussion on Securing a shared adsl connection - Routers ; Hi, I would like to know it is possible to have access to a computer on a shared connection via a ADSL modem router. FYI no work group has been set. Wiseman...

+ Reply to Thread
Results 1 to 15 of 15

Thread: Securing a shared adsl connection

  1. Securing a shared adsl connection

    Hi,

    I would like to know it is possible to have access to a computer on a shared
    connection via a ADSL modem router. FYI no work group has been set.

    Wiseman



  2. Re: Securing a shared adsl connection

    From: "Wiseman"

    | Hi,
    |
    | I would like to know it is possible to have access to a computer on a shared
    | connection via a ADSL modem router. FYI no work group has been set.
    |
    | Wiseman
    |

    Please be more specific on what you are asking.
    What are you trying to accomplish ?

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



  3. Re: Securing a shared adsl connection

    I am sharing my connection with a neighbour and I want to make sure they
    can't have access to my pc, that's all.


    "David H. Lipman" a écrit dans le message de
    news: 5%SIj.9822$bC6.3537@trnddc08...
    > From: "Wiseman"
    >
    > | Hi,
    > |
    > | I would like to know it is possible to have access to a computer on a
    > shared
    > | connection via a ADSL modem router. FYI no work group has been set.
    > |
    > | Wiseman
    > |
    >
    > Please be more specific on what you are asking.
    > What are you trying to accomplish ?
    >
    > --
    > Dave
    > http://www.claymania.com/removal-trojan-adware.html
    > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
    >
    >




  4. Re: Securing a shared adsl connection

    From: "Wiseman"

    | I am sharing my connection with a neighbour and I want to make sure they
    | can't have access to my pc, that's all.
    |

    All I can say is -- Don't!

    You are responsible for their actions.


    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



  5. Re: Securing a shared adsl connection

    Try to be more specific. I need to share because the cost is high.

    "David H. Lipman" a écrit dans le message de
    news: AG2Jj.9676$s27.6596@trnddc02...
    > From: "Wiseman"
    >
    > | I am sharing my connection with a neighbour and I want to make sure they
    > | can't have access to my pc, that's all.
    >
    > All I can say is -- Don't!
    >
    > You are responsible for their actions.
    >
    > Dave
    > http://www.claymania.com/removal-trojan-adware.html
    > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp




  6. Re: Securing a shared adsl connection

    From: "Wiseman"

    | Try to be more specific. I need to share because the cost is high.
    |

    Pay for it or don't access the Internet. There are too many risks sharing Internet with
    non-family members.

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



  7. Re: Securing a shared adsl connection

    On 2008-04-04 07:38:51, David H. Lipman wrote:

    > From: "Wiseman"
    >
    >| Try to be more specific. I need to share because the cost is high.


    I think what he's trying to say is that if anyone is doing anything illegal
    over the connection, the one responsible for the connection may be held
    responsible.

    > Pay for it or don't access the Internet. There are too many risks
    > sharing Internet with non-family members.


    I don't really see how the "family member" qualifier changes anything of
    that -- if it is about that. IMO the risk is about the same for family
    members and non-family members (at least without knowing details about the
    specific persons involved).

    Gerhard

  8. Re: Securing a shared adsl connection

    I appreciate your explanation.

    But my question was not about what the neighbour can do on the internet. It
    was whether they could access my own computer.

    "Gerhard Fiedler" a écrit dans le message de news:
    oekubd95kn6j$.dlg@gelists.gmail.com...
    > On 2008-04-04 07:38:51, David H. Lipman wrote:
    >
    >> From: "Wiseman"
    >>
    >>| Try to be more specific. I need to share because the cost is high.

    >
    > I think what he's trying to say is that if anyone is doing anything
    > illegal
    > over the connection, the one responsible for the connection may be held
    > responsible.
    >
    >> Pay for it or don't access the Internet. There are too many risks
    >> sharing Internet with non-family members.

    >
    > I don't really see how the "family member" qualifier changes anything of
    > that -- if it is about that. IMO the risk is about the same for family
    > members and non-family members (at least without knowing details about the
    > specific persons involved).
    >
    > Gerhard




  9. Re: Securing a shared adsl connection

    From: "Gerhard Fiedler"

    | On 2008-04-04 07:38:51, David H. Lipman wrote:
    |
    >> From: "Wiseman"
    >>

    >|> Try to be more specific. I need to share because the cost is high.

    |
    | I think what he's trying to say is that if anyone is doing anything illegal
    | over the connection, the one responsible for the connection may be held
    | responsible.
    |
    >> Pay for it or don't access the Internet. There are too many risks
    >> sharing Internet with non-family members.

    |
    | I don't really see how the "family member" qualifier changes anything of
    | that -- if it is about that. IMO the risk is about the same for family
    | members and non-family members (at least without knowing details about the
    | specific persons involved).
    |
    | Gerhard

    Actually you find this as a clause on most if not all ISP ToS/AUP's.


    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



  10. Re: Securing a shared adsl connection

    I have done this.
    I had a router at each house and set internal network set for two
    different ranges.

    Wiseman wrote:
    > I appreciate your explanation.
    >
    > But my question was not about what the neighbour can do on the internet. It
    > was whether they could access my own computer.
    >
    > "Gerhard Fiedler" a écrit dans le message de news:
    > oekubd95kn6j$.dlg@gelists.gmail.com...
    >> On 2008-04-04 07:38:51, David H. Lipman wrote:
    >>
    >>> From: "Wiseman"
    >>>
    >>> | Try to be more specific. I need to share because the cost is high.

    >> I think what he's trying to say is that if anyone is doing anything
    >> illegal
    >> over the connection, the one responsible for the connection may be held
    >> responsible.
    >>
    >>> Pay for it or don't access the Internet. There are too many risks
    >>> sharing Internet with non-family members.

    >> I don't really see how the "family member" qualifier changes anything of
    >> that -- if it is about that. IMO the risk is about the same for family
    >> members and non-family members (at least without knowing details about the
    >> specific persons involved).
    >>
    >> Gerhard

    >
    >


  11. Re: Securing a shared adsl connection

    On 2008-04-04 11:47:58, Wiseman wrote:

    > I appreciate your explanation.
    >
    > But my question was not about what the neighbour can do on the internet. It
    > was whether they could access my own computer.


    They can, in general -- your computers normally will be on the same LAN
    segment. There are ways to prevent that they can access anything
    significant, though, and there are ways to make sure they can't access it
    at all: disabling services on your computer, a local software firewall on
    your computer, using a router that can create different and separate
    "virtual LANs", using a second router/gateway between your computer and the
    router/gateway connected to the ADSL connection.

    But still it's worth checking whether this is allowed by your ISP, as David
    says.

    Gerhard

  12. Re: Securing a shared adsl connection

    Smiles wrote:
    > I have done this.
    > I had a router at each house and set internal network set for two
    > different ranges.


    Did you connect the WAN ports of the two routers into a common
    hub/switch and then to your modem, or did you connect the WAN port of
    the neighbors router to the LAN port of your router?

    >
    > Wiseman wrote:
    >> I appreciate your explanation.
    >>
    >> But my question was not about what the neighbour can do on the
    >> internet. It was whether they could access my own computer.
    >>
    >> "Gerhard Fiedler" a écrit dans le message de news:
    >> oekubd95kn6j$.dlg@gelists.gmail.com...
    >>> On 2008-04-04 07:38:51, David H. Lipman wrote:
    >>>
    >>>> From: "Wiseman"
    >>>>
    >>>> | Try to be more specific. I need to share because the cost is high.
    >>> I think what he's trying to say is that if anyone is doing anything
    >>> illegal
    >>> over the connection, the one responsible for the connection may be held
    >>> responsible.
    >>>
    >>>> Pay for it or don't access the Internet. There are too many risks
    >>>> sharing Internet with non-family members.
    >>> I don't really see how the "family member" qualifier changes anything of
    >>> that -- if it is about that. IMO the risk is about the same for family
    >>> members and non-family members (at least without knowing details
    >>> about the
    >>> specific persons involved).
    >>>
    >>> Gerhard

    >>
    >>


    Best Regards,
    News Reader

  13. Re: Securing a shared adsl connection

    Wiseman wrote:
    > I appreciate your explanation.
    >
    > But my question was not about what the neighbour can do on the internet. It
    > was whether they could access my own computer.
    >
    > "Gerhard Fiedler" a écrit dans le message de news:
    > oekubd95kn6j$.dlg@gelists.gmail.com...
    >> On 2008-04-04 07:38:51, David H. Lipman wrote:
    >>
    >>> From: "Wiseman"
    >>>
    >>> | Try to be more specific. I need to share because the cost is high.

    >> I think what he's trying to say is that if anyone is doing anything
    >> illegal
    >> over the connection, the one responsible for the connection may be held
    >> responsible.
    >>
    >>> Pay for it or don't access the Internet. There are too many risks
    >>> sharing Internet with non-family members.

    >> I don't really see how the "family member" qualifier changes anything of
    >> that -- if it is about that. IMO the risk is about the same for family
    >> members and non-family members (at least without knowing details about the
    >> specific persons involved).
    >>
    >> Gerhard

    >
    >


    Separating the two networks into VLANs would be effective (two separate
    broadcast domains). You'd need to make sure you restricted interVLAN
    routing between them. Your equipment would need to support VLANs, and
    you'd need to be up to the challenge of configuring it.

    If you did not use VLANs, and attempted to achieve the desired results
    with a pair of routers, similar to Smiles (other poster), you would not
    want to connect the WAN port of the neighbors router to the LAN port of
    your router. They would be able to initiate connections into your network.

    If your ISP permits multiple concurrent IP addresses, it would be
    preferable to connect the WAN ports of the two routers into a common
    hub/switch and then to your modem. NAT on the WAN port of each router
    would prohibit connections into each others network. Each WAN port would
    negotiate an IP address from the ISP.

    I do agree with comments from other posters regarding the liability
    incurred, just to save a buck. I like my neighbor, but I wouldn't want
    to be legally accountable for his actions.

    Best Regards,
    News Reader

  14. Re: Securing a shared adsl connection

    adsl modem to router to two more routers

    so each house was two routers to the internet and two routers between each

    and yes the networks where two different ranges coming out from each

    News Reader wrote:
    > Smiles wrote:
    >> I have done this.
    >> I had a router at each house and set internal network set for two
    >> different ranges.

    >
    > Did you connect the WAN ports of the two routers into a common
    > hub/switch and then to your modem, or did you connect the WAN port of
    > the neighbors router to the LAN port of your router?
    >
    >>
    >> Wiseman wrote:
    >>> I appreciate your explanation.
    >>>
    >>> But my question was not about what the neighbour can do on the
    >>> internet. It was whether they could access my own computer.
    >>>
    >>> "Gerhard Fiedler" a écrit dans le message de
    >>> news: oekubd95kn6j$.dlg@gelists.gmail.com...
    >>>> On 2008-04-04 07:38:51, David H. Lipman wrote:
    >>>>
    >>>>> From: "Wiseman"
    >>>>>
    >>>>> | Try to be more specific. I need to share because the cost is high.
    >>>> I think what he's trying to say is that if anyone is doing anything
    >>>> illegal
    >>>> over the connection, the one responsible for the connection may be held
    >>>> responsible.
    >>>>
    >>>>> Pay for it or don't access the Internet. There are too many risks
    >>>>> sharing Internet with non-family members.
    >>>> I don't really see how the "family member" qualifier changes
    >>>> anything of
    >>>> that -- if it is about that. IMO the risk is about the same for family
    >>>> members and non-family members (at least without knowing details
    >>>> about the
    >>>> specific persons involved).
    >>>>
    >>>> Gerhard
    >>>
    >>>

    >
    > Best Regards,
    > News Reader


  15. Re: Securing a shared adsl connection

    Smiles wrote:
    > adsl modem to router to two more routers
    >
    > so each house was two routers to the internet and two routers between each
    >
    > and yes the networks where two different ranges coming out from each
    >


    Depending on your routing choices, this would not necessarily be a
    requirement. If the upstream router had static routes configured, or
    dynamically learned routes to the networks on the LAN side of the
    downstream routers, you would need the LAN network IDs to be different
    (e.g.: 192.168.1.0 /24, 192.168.2.0 /24).

    If you were using typical residential routers in their factory-default
    "gateway mode" (i.e.: didn't enable static or dynamic routing) with NAT,
    the two network IDs used on the LAN side of the downstream routers could
    be the same. Without routes in its routing table for those networks, the
    upstream router would have no awareness of the addressing scheme used on
    the LAN side of the downstream routers.

    The upstream router would see all of your LAN hosts as having the same
    IP address; the address of your downstream router's WAN interface (e.g.:
    192.168.0.2), to which your hosts are NAT'd.

    The upstream router would see all of your neighbor's LAN hosts as having
    the same IP address; the address of your neighbor's downstream router's
    WAN interface (e.g.: 192.168.0.3), to which his/her hosts are NAT'd.

    Lets assume you used a common network ID (e.g.: 192.168.1.0 /24) on the
    LAN side of each of the downstream routers. Any attempt by your neighbor
    to connect to a host with an address of 192.168.1.x, would be contained
    within the LAN side of his/her downstream router. Those packets wouldn't
    even traverse his/her router to the WAN port.

    You could both have hosts addressed with e.g.: 192.168.1.10, and you
    would each reach your own host, but be completely isolated from the
    others host with the same address.

    The key is the upstream router not having routes to the LAN side of the
    downstream routers (i.e.: a lack of awareness of the addressing scheme
    used).

    > News Reader wrote:
    >> Smiles wrote:
    >>> I have done this.
    >>> I had a router at each house and set internal network set for two
    >>> different ranges.

    >>
    >> Did you connect the WAN ports of the two routers into a common
    >> hub/switch and then to your modem, or did you connect the WAN port of
    >> the neighbors router to the LAN port of your router?
    >>
    >>>
    >>> Wiseman wrote:
    >>>> I appreciate your explanation.
    >>>>
    >>>> But my question was not about what the neighbour can do on the
    >>>> internet. It was whether they could access my own computer.
    >>>>
    >>>> "Gerhard Fiedler" a écrit dans le message de
    >>>> news: oekubd95kn6j$.dlg@gelists.gmail.com...
    >>>>> On 2008-04-04 07:38:51, David H. Lipman wrote:
    >>>>>
    >>>>>> From: "Wiseman"
    >>>>>>
    >>>>>> | Try to be more specific. I need to share because the cost is high.
    >>>>> I think what he's trying to say is that if anyone is doing anything
    >>>>> illegal
    >>>>> over the connection, the one responsible for the connection may be
    >>>>> held
    >>>>> responsible.
    >>>>>
    >>>>>> Pay for it or don't access the Internet. There are too many risks
    >>>>>> sharing Internet with non-family members.
    >>>>> I don't really see how the "family member" qualifier changes
    >>>>> anything of
    >>>>> that -- if it is about that. IMO the risk is about the same for family
    >>>>> members and non-family members (at least without knowing details
    >>>>> about the
    >>>>> specific persons involved).
    >>>>>
    >>>>> Gerhard
    >>>>
    >>>>

    >>
    >> Best Regards,
    >> News Reader


    Best Regards,
    News Reader

+ Reply to Thread